You initiate the bring-up process on a computer that can access the management switch in the physical rack. The wizard runs in a standard web browser, such as Mozilla Firefox or Google Chrome. After you provide site-specific information such as rack name, passwords, IP addresses, and DNS and NTP details, SDDC Manager configures your private cloud.

Before you begin

  1. Ensure that you have completed the steps in Connect Rack 1 to Your Power Source and Network.

  2. Either turn off the firewall on the jump host or ensure that the firewall ports required to access Cloud Foundation on it are open.

    Table 1. Inbound Ports for Cloud Foundation

    | Port | Required for |
    |---|---|
    | TCP 8443 | SDDC Manager |
    | TCP/UDP 53 | DNS resolution to SDDC Manager |
    | TCP 22 (optional) | SSH access to Cloud Foundation and vSphere components |

    Table 2. Outbound Ports for Cloud Foundation

    | Port | Required for |
    |---|---|
    | TCP/UDP 53 | Corporate DNS resolution |
    | UDP 123 | NTP access to corporate time servers |

    In addition, VMware software may require additional firewall ports to be open.

  3. Depending on the switches in your environment, ensure that two 40 Gbps ports or multiple 10 Gbps ports are connected to your corporate network and configured appropriately. For details, see VIA User's Guide.

  4. If your rack has only 4 ports, you must update the vrm.properties file before starting bring-up on the rack.

    1. In a command line window, SSH to the base IP address for SDDC Manager on the rack.

    2. In the /home/vrack/VMware/vRack/vrm.properties file, change the rack.initial.mgmt.hosts=3 parameter to rack.initial.mgmt.hosts=4.

    3. In the /home/vrack/vrm/webapps/vrm-ui/web-inf/classes/vrm.properties file, change the rack.initial.mgmt.hosts=3 parameter to rack.initial.mgmt.hosts=4.

About this task

If you accidentally log out of the browser while the configuration process is running, the process continues to progress. You can log back in to continue the configuration.

Procedure

  1. After you connect the Cloud Foundation system to your network, wait at least 10 minutes before proceeding to the next step. This ensures that all rack components are powered on.
  2. In a web browser on the laptop that you have connected to port #48 of the rack's management switch, navigate to https://192.168.100.40:8443/vrm-ui.

    The Welcome page appears.

  3. Click SET TIME.

    The System Time for VMware Cloud Foundation page appears.

  4. Specify the date, time, and time zone for the rack and click Submit. The specified time should match the current time in your environment.

    All the physical components in the environment are synchronised. After the time has been set on all Cloud Foundation components, the SDDC Manager ISVMs are rebooted and the CONTINUE button turns blue.

  5. Click CONTINUE.

    The system performs Power On Self Validation (POSV), where it verifies that all the physical components are operational. This includes verifying that everything in the inventory is present, the hardware is healthy, and ensuring that the necessary services are running.

    If the validation page displays an error, ensure that all physical connections are in place. Then click RETRY.

  6. After the validation is complete, click CONTINUE.

    The Login page appears.

  7. Type the default credentials:

    User name: administrator@vsphere.local

    Password: vmware123

  8. Click LOGIN.

    The Cloud Foundation End User License Agreement (EULA) page appears.

  9. Click AGREE.

    The Create a Superuser Account page appears.

  10. Type a user name and password for the superuser.

    The password must be between 8 and 20 characters long and must contain at least one each of the following:

    • lowercase letter

    • uppercase letter

    • number

    • special character such as ! or @

    The superuser account has the same privileges as the administrator@vsphere.local account. After the bring-up process is complete, the password for the administrator@vsphere.local account is rotated to a random password, but the password for the superuser account does not change. You can therefore log in to SDDC Manager with the superuser user name and password without having to look up the rotated password for the administrator account.

  11. Click CREATE SUPERUSER.

    The Initial Setup wizard appears.

  12. On the General information page, enter the following information.

    | Field Name | Description |
    |---|---|
    | vRack Name | Name of the virtual rack |
    | Company Name | Your company name |
    | Company Department | Your department name |
    | Root Domain | Type your root DNS domain (for example, vmware.corp). This should be the same as the Active Directory domain. |
    | VMware Cloud Foundation Sub Domain | Cloud Foundation generates this based on the root domain you specified. For example, if you specified the root domain as mycompany.example, the subdomain is auto-populated as subdomain.mycompany.example. You can edit this field. The sub domain is used for all components in Cloud Foundation. So everything is named component.subdomain. Based on our example, the NSX VM would be named rack-1-nsxmanager-1.subdomain.vmware.com. |
    | SSO Domain | Type the authentication domain to be used by SSO. For example, vsphere.local. The root domain and PSC domain must be different if you plan to join Active Directory. If you will not join Active Directory, they can be the same. |
    | VMware Cloud Foundation License Key | Type the license key for Cloud Foundation. If you do not have the license key now, you can enter it later on the Cloud Foundation dashboard. |

    Joining Active Directory during Cloud Foundation bring-up can fail because of unconfigured or mis-configured uplinks, mis-configured upstream firewall, or incorrect corporate DNS configuration. After bring-up, you must identify and correct the cause of the failure. You can then manually connect each PSC to Active Directory. See ESXi and vCenter Server 6.0 Documentation.

  13. Click NEXT.

    The Management Configuration page appears. You now provide network information such as the VLAN identifier and IP subnets for the management, vMotion, Virtual SAN, and VXLAN networks. The VLAN IDs you specify here are pre-configured on the physical switch infrastructure.

    The following VLANs are configured while setting up networks for the bring-up phase:

    1. management

    2. vMotion

    3. vSAN

    4. VXLAN

    5. datacenter (corporate) network

    The management and datacenter upstream networks are routable to the datacenter. The vMotion, VSAN, and VXLAN networks are routable only within Cloud Foundation.

    Note that there is a progress bar at the top of the page. To make any changes to a previous screen, click the appropriate page title. After making a change, you must click NEXT for the change to take effect.

  14. On the Management page, enter your management network values. The DNS server here is the DNS server for your management network.

    | Field Name | Description |
    |---|---|
    | VLAN ID | The supported VLAN range is 21-3299. |
    | Subnet | VMware recommends using a /22 network. This is to allow for adequate IP address capacity as you expand your Cloud Foundation deployment by adding racks. |
    | Subnet Mask | VMware recommends using a /22 network. |
    | Gateway | Gateway address. |
    | DNS | DNS of your datacenter. |
    | NTP | NTP of your datacenter. |
    | Exclude Individual IP Addresses | Enter a set of IP addresses to exclude from the provisioning process. For example, you can exclude those IP addresses that are already assigned to your network availability services such as HSRP. To add multiple addresses, type an IP address, click the + sign, and type the next IP address. |
    | Exclude IP Address Ranges | Enter a set of IP address ranges to exclude from the provisioning process. For example, you can exclude a range of IP addresses that you want reserved for other uses in your network. To add multiple address ranges, type an IP address range, click the + sign, and type the next IP address range. |

  15. Click USE DEFAULTS to allow Cloud Foundation to specify system-generated IP address ranges for vMotion, vSAN, and VXLAN. Since the Cloud Foundation network is an enclosed ecosystem, it is recommended that you select this option.
  16. Click NEXT.

    The progress bar is displayed with additional wizard steps.

    To make any changes to a previous screen, click the appropriate page title. After making a change, you must click NEXT for the change to take effect.
  17. On the vMotion Configuration page, review or enter your network addresses for VLAN ID, Subnet, Subnet Mask, Gateway, and excluded IP addresses and IP address ranges.
    Note:

    The supported VLAN range is 21-3299. VMware recommends using a /22 network for the subnet and subnet mask. This is to allow for adequate IP address capacity as you expand your Cloud Foundation deployment by adding racks.

  18. Click NEXT.

    The VSAN information page appears.

  19. On the VSAN Information page, review or enter your Virtual SAN network addresses for the VLAN, Subnet, Subnet Mask, Gateway, and excluded IP addresses and IP address ranges.
    Note:

    The supported VLAN range is 21-3299. The subnet and subnet mask must be at least a /22 network. This is to allow for adequate IP address capacity as you expand your Cloud Foundation deployment by adding racks.

  20. Click NEXT.

    The VXLAN information page appears.

  21. On the VXLAN information page, review or enter your VXLAN information for the VLAN ID, Subnet, Subnet Mask, Gateway, and excluded IP addresses and IP address ranges.
    Note:

    The supported VLAN range is 21-3299. VMware recommends using a /22 network for the subnet and subnet mask. This is to allow for adequate IP address capacity as you expand your Cloud Foundation deployment by adding racks.

  22. Click NEXT.

    The Data Center connections page appears.

  23. The Data Center Connections page contains information for Cloud Foundation to connect to your corporate network. Enter your corporate network information for the VLAN ID, Connection Name, Network Start IP, Subnet Mask, Gateway, DNS, NTP, and excluded IP addresses and IP address ranges.
    Important:

    Review these values carefully before clicking NEXT because external connections are not validated at this time.

    The Data Center Uplink page appears.

  24. If the uplink is an L2 connection, provide the following information.

    | Field | Description |
    |---|---|
    | Uplink Type | L2 |
    | Uplink LAG Enabled | It is recommended that you select this option. |
    | Uplink Ports | Port numbers on the ToR switches that are connected to the uplink network. |
    | Uplink Speed | Speed for uplink connections. |

  25. If the uplink is an L3 connection, provide the following information.

    | Field | Description |
    |---|---|
    | Uplink Type | L3 |
    | Uplink LAG Enabled | It is recommended that you select this option. |
    | Uplink Ports | Port numbers on the ToR switches that are connected to the uplink network. |
    | Uplink Speed | Speed for uplink connections. |
    | Uplink IP | IP address of the uplink IP on the ToR switches. |
    | Mask IP | Subnet mask for the uplink IP. |
    | Next Hop IP | IP address of the uplink switch for the data center. |

    Ensure that the management and external VLANs from Cloud Foundation are routable upstream.

    For an L3 uplink, SDDC Manager configures a Switched VLAN Interface (SVI) for each requested VLAN and configures a static route between ToR 1 and the upstream router. The configured SVI and the configuration between the ToR and router is non-HA.

    It is recommended that you set up iBGP between the ToR switches and eBGP between each ToR switch and the upstream router. This is not automated. For information on the required configuration, see Example ToR Switch Output for L3 Configuration on Cisco ToR Switches (9372).

    Figure 1. L3 Configuration

  26. Click NEXT.

    The Configuration Review page appears.

  27. On the Configuration Review page, review the information carefully.
  28. After you ensure that all values on the Review page are accurate, click NEXT.

    After a few moments, the Component IP Allocation page appears and displays the IP addresses for the VMs that will be deployed for the vRealize Log Insight, NSX, Platform Services Controller, SDDC Manager, vCenter Server, and vRealize Operations software components.

    If you need to make any change on the IP Reallocation page, click CANCEL to make edits as required.

  29. Note down the virtual machine IP addresses. You will need these later in the bring-up process.
  30. After you ensure that the IP Reallocation values are correct, click CONFIRM.

    The Cloud Foundation configuration process begins. The time it takes for the bring-up process to complete depends on the number of servers in the physical rack. The average time is approximately 90 minutes.

    You can see progress on the individual tasks by clicking Task Details.

    Expand the task by clicking the blue arrow to see additional information. You can filter the tasks by status or time.

    If there is an error during the configuration of the system, an error page appears. Click RETRY. The configuration process remembers where it was in the sequence and starts over from that point. If an error occurs even after you rerun, contact VMware Support.

    After the system configuration is completed, the SDDC Manager is restarted and the login screen is displayed.

  31. Log in with your superuser credentials. When SDDC Manager comes up, the Password Rotation page is displayed. For information on rotating the system passwords, see Change Passwords of Rack Components.

    The Continue to Dashboard button is grayed out until password rotation is completed.

  32. Note the IP address on the URL. If you accidentally close the browser, you will need this IP address to navigate to the Dashboard.
  33. Leave this browser window open.
  34. Configure DNS delegation for automatic resolution of all names in Cloud Foundation.

    SDDC Manager uses Unbound (DNS server software) for name resolution during the Cloud Foundation bring-up. You must now configure the corporate DNS server to delegate zone control for the Cloud Foundation domain to SDDC Manager.

    For example, if your corporate domain is mycompany.example, and the Cloud Foundation Sub Domain is subdomain.mycompany.example, the corporate DNS server must be configured to delegate control of subdomain.mycompany.example to SDDC Manager.

    1. Install DNS on your server by adding a new role through Server Manager and selecting DNS.
    2. Ensure that your jump server uses the local DNS for name resolution.
    3. Configure the primary zone (mycompany.example) as a zone managed by Windows DNS.
    4. Right-click the zone and select New Delegation.
    5. Enter the name of the sub-domain (subdomain).
    6. In the Server fully qualified domain name (FQDN) field, type the IP address of SDDC Manager and click Resolve.
    7. Click OK.

      The new zone appears as a delegated zone under your primary domain.

    8. In a command line window, ping psc.Cloud_Foundation_Sub_Domain (psc.subdomain.mycompany.example in our example).
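
The values for the Management, vMotion, VSAN and VXLAN pages (steps 14 to 21) can be checked offline before they are typed into the wizard. The following is an added example, not VMware code: it applies the VLAN range 21-3299 and the /22 sizing stated above, and additionally assumes that the networks should use distinct VLAN IDs and non-overlapping subnets; the function names and sample addresses are constructed for illustration.

```python
import ipaddress
from itertools import combinations

VLAN_RANGE = range(21, 3300)  # page: supported VLAN range is 21-3299
MAX_PREFIX = 22               # page: /22 recommended, "at least a /22" for vSAN

def check_network(name, vlan, cidr, gateway, excluded=()):
    """Return the problems found in one wizard page's values (empty list = OK)."""
    problems = []
    net = ipaddress.ip_network(cidr, strict=False)
    gw = ipaddress.ip_address(gateway)
    if vlan not in VLAN_RANGE:
        problems.append(f"{name}: VLAN {vlan} is outside 21-3299")
    if net.prefixlen > MAX_PREFIX:
        problems.append(f"{name}: {net} is smaller than a /22")
    if gw not in net or gw in (net.network_address, net.broadcast_address):
        problems.append(f"{name}: gateway {gw} is not a usable address in {net}")
    for item in excluded:  # a single address or a "first-last" range
        first, _, last = item.partition("-")
        lo = ipaddress.ip_address(first.strip())
        hi = ipaddress.ip_address((last or first).strip())
        if lo > hi or lo not in net or hi not in net:
            problems.append(f"{name}: exclusion {item} is not inside {net}")
    return problems

def check_plan(plan):
    """Check every network, then cross-check pairs (assumed rules, not from the page)."""
    problems = []
    for name, cfg in plan.items():
        problems += check_network(name, **cfg)
    for (a, ca), (b, cb) in combinations(plan.items(), 2):
        na = ipaddress.ip_network(ca["cidr"], strict=False)
        nb = ipaddress.ip_network(cb["cidr"], strict=False)
        if na.overlaps(nb):
            problems.append(f"{a}/{b}: subnets {na} and {nb} overlap")
        if ca["vlan"] == cb["vlan"]:
            problems.append(f"{a}/{b}: both use VLAN {ca['vlan']}")
    return problems

SAMPLE_PLAN = {  # constructed sample values, not taken from the page
    "management": {"vlan": 1611, "cidr": "10.10.0.0/22", "gateway": "10.10.0.1",
                   "excluded": ["10.10.0.2", "10.10.3.200-10.10.3.254"]},
    "vmotion": {"vlan": 20, "cidr": "10.20.0.0/24", "gateway": "10.20.1.1",
                "excluded": ["10.30.0.5"]},
    "vsan": {"vlan": 1611, "cidr": "10.10.2.0/23", "gateway": "10.10.2.1"},
}

if __name__ == "__main__":
    print("\n".join(check_plan(SAMPLE_PLAN)))
```

Because external connections are not validated by the wizard at step 23, the same check is most useful when run against the values you intend to enter for the corporate network as well.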